The cybersecurity myths companies can’t seem to shake 2025-08-19 at 08:01 By Sinisa Markovic Cybersecurity myths are like digital weeds: pull one out, and another quickly sprouts in its place. You’ve probably heard them before: Macs don’t get viruses, we’re too small to be a target, or changing passwords often keeps us safer. Experts have […]
React to this headline:
The cybersecurity myths companies can’t seem to shake Read More »
What makes airport and airline systems so vulnerable to attack? 2025-08-19 at 07:32 By Help Net Security In this Help Net Security video, Recep Ozdag, VP and GM at Keysight Technologies, explains why airline and airport systems are so difficult to secure. He explores the complex aviation ecosystem, from legacy systems and third-party vendors to
React to this headline:
What makes airport and airline systems so vulnerable to attack? Read More »
Cybersecurity jobs available right now: August 19, 2025 2025-08-19 at 07:03 By Sinisa Markovic Senior Cybersecurity Analyst DOT Security | USA | On-site – View job details As a Senior Cybersecurity Analyst, you will lead the investigation of real-time alerts from SIEM platforms and other security tools, ensuring timely identification of potential threats. You will
React to this headline:
Cybersecurity jobs available right now: August 19, 2025 Read More »
New NIST guide explains how to detect morphed images 2025-08-18 at 18:00 By Sinisa Markovic Face morphing software can blend two people’s photos into one image, making it possible for someone to fool identity checks at buildings, airports, borders, and other secure places. These morphed images can trick face recognition systems into linking the photo
React to this headline:
New NIST guide explains how to detect morphed images Read More »
Noodlophile infostealer is hiding behind fake copyright and PI infringement notices 2025-08-18 at 16:12 By Zeljka Zorz Attackers pushing the Noodlophile infostealer are targeting businesses with spear-phishing emails threatening legal action due to copyright or intellectual property infringement, Morphisec researchers have warned. The campaign The emails, ostensibly sent by a law firm, are tailored to
React to this headline:
Noodlophile infostealer is hiding behind fake copyright and PI infringement notices Read More »
How security teams are putting AI to work right now 2025-08-18 at 09:42 By Mirko Zorz AI is moving from proof-of-concept into everyday security operations. In many SOCs, it is now used to cut down alert noise, guide analysts during investigations, and speed up incident response. What was once seen as experimental technology is starting
React to this headline:
How security teams are putting AI to work right now Read More »
Buttercup: Open-source AI-driven system detects and patches vulnerabilities 2025-08-18 at 09:42 By Help Net Security Buttercup is a free, automated, AI-powered platform that finds and fixes vulnerabilities in open-source software. Developed by Trail of Bits, it recently earned second place in DARPA’s AI Cyber Challenge (AIxCC). Main components Buttercup is made up of four main
React to this headline:
Buttercup: Open-source AI-driven system detects and patches vulnerabilities Read More »
Review: Data Engineering for Cybersecurity 2025-08-18 at 08:12 By Mirko Zorz Data Engineering for Cybersecurity sets out to bridge a gap many security teams encounter: knowing what to do with the flood of logs, events, and telemetry they collect. About the author James Bonifield has a decade of experience analyzing malicious activity, implementing data pipelines,
React to this headline:
Review: Data Engineering for Cybersecurity Read More »
Weak alerting and slipping prevention raise risk levels for CISOs 2025-08-18 at 07:47 By Mirko Zorz Prevention effectiveness is falling, detection gaps remain wide, and attackers are exploiting weaknesses in data protection and credentials. Data theft prevention has dropped to 3 percent, password cracking success rates have nearly doubled, and new threat groups are bypassing
React to this headline:
Weak alerting and slipping prevention raise risk levels for CISOs Read More »
Bridging the AI model governance gap: Key findings for CISOs 2025-08-18 at 07:47 By Anamarija Pogorelec While most organizations understand the need for strong AI model governance, many are still struggling to close gaps that could slow adoption and increase risk. The findings of a new Anaconda survey of more than 300 AI practitioners and
React to this headline:
Bridging the AI model governance gap: Key findings for CISOs Read More »
Week in review: 2 threat actors exploiting WinRAR 0-day, Microsoft fixes “BadSuccessor” Kerberos flaw 2025-08-17 at 12:29 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: WinRAR zero-day was exploited by two threat actors (CVE-2025-8088) The RomCom attackers aren’t the only ones that have been
React to this headline:
How military leadership prepares veterans for cybersecurity success 2025-08-15 at 09:47 By Mirko Zorz In this Help Net Security interview, Warren O’Driscoll, Head of Security Practice at NTT DATA UK and Ireland, discusses how military leadership training equips veterans with the mindset, resilience, and strategic thinking needed to excel in cybersecurity. Drawing on habits such
React to this headline:
How military leadership prepares veterans for cybersecurity success Read More »
Cyber insurance market shows early signs of maturity 2025-08-15 at 09:06 By Sinisa Markovic The cyber insurance market is entering a new phase of evolution and showing early signs of maturity, according to recent research from Arctic Wolf. Brokers and carriers are taking on different but connected roles to help customers get policies. Brokers advise
React to this headline:
Cyber insurance market shows early signs of maturity Read More »
Fighting fraud with AI: The new identity security playbook 2025-08-15 at 08:34 By Help Net Security In this Help Net Security video, Hal Lonas, CTO at Trulioo, talks about the rise of synthetic identity fraud and how it’s quickly becoming one of the biggest threats in financial crime. He breaks down how fraudsters are using
React to this headline:
Fighting fraud with AI: The new identity security playbook Read More »
Obot MCP Gateway: Open-source platform to securely manage the adoption of MCP servers 2025-08-15 at 08:34 By Help Net Security Obot MCP Gateway is a free, open-source gateway that enables IT organizations to securely manage and scale adoption of Model Context Protocol (MCP) servers. MCPs are becoming the standard for how AI agents interface with
React to this headline:
Obot MCP Gateway: Open-source platform to securely manage the adoption of MCP servers Read More »
Employees race to build custom AI apps despite security risks 2025-08-15 at 07:37 By Help Net Security The latest Netskope findings show a 50% increase in GenAI platform usage among enterprise end-users, driven by growing employee demand for tools to develop custom AI applications and agents. Top LLM interfaces by percentage in organizations (source: Netskope)
React to this headline:
Employees race to build custom AI apps despite security risks Read More »
New infosec products of the week: August 15, 2025 2025-08-15 at 07:00 By Sinisa Markovic Here’s a look at the most interesting products from the past week, featuring releases from Brivo, Envoy, Prove, Rubrik, and Trellix. Rubrik Agent Rewind enables organizations to undo mistakes made by agentic AI Agent Rewind, powered by Predibase AI infrastructure,
React to this headline:
New infosec products of the week: August 15, 2025 Read More »
Brute-force attacks hammer Fortinet devices worldwide 2025-08-14 at 17:05 By Zeljka Zorz A surge in brute-force attempts targeting Fortinet SSL VPNs that was spotted earlier this month could be a portent of imminent attacks leveraging currently undisclosed (potentially zero-day) vulnerabilities in Fortinet devices. Shifting attacks Greynoise, a cybersecurity intelligence service that through its global network
React to this headline:
Brute-force attacks hammer Fortinet devices worldwide Read More »
For $40, you can buy stolen police and government email accounts 2025-08-14 at 15:01 By Sinisa Markovic Active police and government email accounts are being sold on the dark web for as little as $40, giving cybercriminals a direct line into systems and services that rely on institutional trust. According to new research from Abnormal
React to this headline:
For $40, you can buy stolen police and government email accounts Read More »
Vulnerabilities in MSP-friendly RMM solution exploited in the wild (CVE-2025-8875, CVE-2025-8876) 2025-08-14 at 13:33 By Zeljka Zorz Two vulnerabilities (CVE-2025-8875, CVE-2025-8876) in N-central, a remote monitoring and management (RMM) solution by N-able that’s popular with managed service providers, are being exploited by attackers. There are no public reports of exploitation, but the confirmation came from
React to this headline: